static ARR_Instance refclock_sources;
typedef struct _AllowDeny {
- struct _AllowDeny *next;
- struct _AllowDeny *prev;
IPAddr ip;
int subnet_bits;
int all; /* 1 to override existing more specific defns */
int allow; /* 0 for deny, 1 for allow */
} AllowDeny;
-static AllowDeny ntp_auth_list = {&ntp_auth_list, &ntp_auth_list};
-static AllowDeny cmd_auth_list = {&cmd_auth_list, &cmd_auth_list};
+/* Arrays of AllowDeny */
+static ARR_Instance ntp_restrictions;
+static ARR_Instance cmd_restrictions;
typedef struct {
/* Both in host (not necessarily network) order */
ntp_sources = ARR_CreateInstance(sizeof (NTP_Source));
refclock_sources = ARR_CreateInstance(sizeof (RefclockParameters));
+ ntp_restrictions = ARR_CreateInstance(sizeof (AllowDeny));
+ cmd_restrictions = ARR_CreateInstance(sizeof (AllowDeny));
+
dumpdir = Strdup(".");
logdir = Strdup(".");
pidfile = Strdup("/var/run/chronyd.pid");
ARR_DestroyInstance(ntp_sources);
ARR_DestroyInstance(refclock_sources);
+ ARR_DestroyInstance(ntp_restrictions);
+ ARR_DestroyInstance(cmd_restrictions);
+
Free(drift_file);
Free(dumpdir);
Free(hwclock_file);
/* ================================================== */
static void
-parse_allow_deny(char *line, AllowDeny *list, int allow)
+parse_allow_deny(char *line, ARR_Instance restrictions, int allow)
{
char *p;
unsigned long a, b, c, d, n;
if (!*p) {
/* Empty line applies to all addresses */
- new_node = MallocNew(AllowDeny);
+ new_node = (AllowDeny *)ARR_GetNewElement(restrictions);
new_node->allow = allow;
new_node->all = all;
new_node->ip.family = IPADDR_UNSPEC;
n = 0;
if (UTI_StringToIP(p, &ip_addr) ||
(n = sscanf(p, "%lu.%lu.%lu.%lu", &a, &b, &c, &d)) >= 1) {
- new_node = MallocNew(AllowDeny);
+ new_node = (AllowDeny *)ARR_GetNewElement(restrictions);
new_node->allow = allow;
new_node->all = all;
} else {
if (DNS_Name2IPAddress(p, &ip_addr) == DNS_Success) {
- new_node = MallocNew(AllowDeny);
+ new_node = (AllowDeny *)ARR_GetNewElement(restrictions);
new_node->allow = allow;
new_node->all = all;
new_node->ip = ip_addr;
}
}
}
-
- if (new_node) {
- new_node->prev = list->prev;
- new_node->next = list;
- list->prev->next = new_node;
- list->prev = new_node;
- }
-
}
static void
parse_allow(char *line)
{
- parse_allow_deny(line, &ntp_auth_list, 1);
+ parse_allow_deny(line, ntp_restrictions, 1);
}
static void
parse_deny(char *line)
{
- parse_allow_deny(line, &ntp_auth_list, 0);
+ parse_allow_deny(line, ntp_restrictions, 0);
}
/* ================================================== */
static void
parse_cmdallow(char *line)
{
- parse_allow_deny(line, &cmd_auth_list, 1);
+ parse_allow_deny(line, cmd_restrictions, 1);
}
static void
parse_cmddeny(char *line)
{
- parse_allow_deny(line, &cmd_auth_list, 0);
+ parse_allow_deny(line, cmd_restrictions, 0);
}
/* ================================================== */
{
AllowDeny *node;
int status;
+ unsigned int i;
- for (node = ntp_auth_list.next; node != &ntp_auth_list; node = node->next) {
+ for (i = 0; i < ARR_GetSize(ntp_restrictions); i++) {
+ node = ARR_GetElement(ntp_restrictions, i);
status = NCR_AddAccessRestriction(&node->ip, node->subnet_bits, node->allow, node->all);
if (!status) {
LOG_FATAL(LOGF_Configure, "Bad subnet in %s/%d", UTI_IPToString(&node->ip), node->subnet_bits);
}
}
- for (node = cmd_auth_list.next; node != &cmd_auth_list; node = node->next) {
+ for (i = 0; i < ARR_GetSize(cmd_restrictions); i++) {
+ node = ARR_GetElement(cmd_restrictions, i);
status = CAM_AddAccessRestriction(&node->ip, node->subnet_bits, node->allow, node->all);
if (!status) {
LOG_FATAL(LOGF_Configure, "Bad subnet in %s/%d", UTI_IPToString(&node->ip), node->subnet_bits);
}
}
+
+ ARR_SetSize(ntp_restrictions, 0);
+ ARR_SetSize(cmd_restrictions, 0);
}
/* ================================================== */
projects / thirdparty / chrony.git / commitdiff
